Clever configuration switching allows the switch system to control the network at will

There are many things worth learning about the switch system. Here we mainly introduce how to reasonably configure the switch so that the switch system can control the network at will. With the rapid development of information technology, many organizations have established their own internal networks to cater to the information development trend, in the daily office process, employees of the Organization make full use of the Intranet network for shared resource transmission, network printing operations, and access to internal sites, which greatly improves the daily office efficiency of employees.

However, while improving the work efficiency of the Intranet network, if the management is poor, it will easily affect the normal working order. How can we effectively manage the internal network? In fact, the core device of the internal network is a switch. Clever control and configuration of the switch system can greatly improve the network management efficiency, so that the internal network can always run stably and efficiently! Now, this article is modeled on the common Huawei series switches. We recommend several switches to use to control the network!

1. cleverly enable GVRP to dynamically update VLAN configuration information

First, log on to the switch background management system remotely as A system administrator. In the command line status of the background system, enter the string command "system" and click the Enter key, switch the system to the Global View configuration mode. Then, in the Global View configuration mode, enter the string command "GVRP" and click the Enter key. Then, switch A automatically enables the global GVRP function; to enable the GVRP function for the e0/22 interface of the switch, we need to set the connection type of the switch port to the trunk type first, and allow all working subnets in the LAN to access the network through this port. In this configuration, we can perform this operation in the Global View Mode of Switch, enter the string command "inter e0/22", click the Enter key, we will find that the command line prompt is "XXX-Ethernet0/22" (1 ), "XXX" indicates the host name of the target switch. At this time, the core switch system automatically switches to the e0/22 interface view mode;

Then, in e0/22 interface view mode, enter the string command "port link-type trunk" and click the Enter key to set the connection type of the target switch port to the trunk port, then execute the string command "port trunk permit vlan all", so that the e0/22 interface can allow all VLANs in the LAN to pass through, and finally execute the "GVRP" string command, in this way, we can successfully enable the GVRP function on the e0/22 interface of the switch. Following the same steps, we also need to go to the background management system of the B switch, execute the string commands "system" and "GVRP" in sequence to enable the Global GVRP function of the B switch, then, execute the string commands "inter e1/22", "port link-type trunk", "port trunk permit vlan all", and finally execute the string command "GVRP ", in this way, the GVRP function can be successfully enabled on the e1/22 interface of the B switch. When the GVRP function is enabled for the interconnection interfaces of the two vswitches, they can automatically update the VLAN configuration information between them in the future, and the network administrator does not need to perform the same configuration operation again.

To enable the GVRP function of a switch port, you must enable the global GVRP function of the switch where the switch port is located, you also need to set the connection type of the target switch port to trunk, because only the trunk port supports enabling and disabling the GVRP function. If you want to disable the GVRP function of the target switch port in the future, we can execute the "undo gvrp" string command.

2. cleverly view ARP tables to solve ping failure

To determine the network connectivity of LAN workstations, network administrators often log on to the backend Management System of the switch and use the ping command to test whether the target workstation can connect to the LAN switch, it indicates that the failure of the target workstation to access the Internet has nothing to do with itself, and the problem is probably caused by the switch. If the ping command test fails, how can we solve the failure of the workstation to access the Internet? In fact, it is very simple. We can follow the steps below to troubleshoot in sequence:

First, log on to the background management system of the target switch and run the "system" string command to enter the global view mode of the switch, at the same time, run the "inter" command to enter the switch port view mode status directly connected to the faulty workstation. Enter the string command "display cur" in the command line of this status and click the Enter key, open the result page shown in 2 and carefully check whether the target connection port configuration parameters of the switch system are correct;

If we find that the configuration parameters of the target switch port do not have any problems, we can continue to execute the string command "display arp" in port view mode ", check whether the ARP table of the local switch system is abnormal. If no exception exists, check the virtual working subnet to which the switch port connecting to the faulty workstation system is divided, check whether the IP addresses of the corresponding virtual working subnet are in the same CIDR block as those of the faulty workstation system. If they are not in the same CIDR block, naturally, the failure of the target workstation cannot be pinged. If all the above configurations are correct, we can try to use the "debugging arp" command in the backend System of the switch, to enable the ARP debugging information switch, so as to carefully check whether the target switch port can correctly send ARP packets or accept ARP packets. If we see that the target switch port can only send ARP packets to external, when ARP packets cannot be received from outside, the reason for failing to ping the Workstation may be due to the Ethernet physical layer.

3. Check IGMP configuration to solve the failure of Multicast

To solve the problem of single-point transmission and multi-point receiving, many network administrators have enabled the vswitch multicast function to effectively improve data transmission efficiency, greatly save network bandwidth, and reduce network load; however, in the process of actually managing the network, we sometimes find that the vswitch system cannot implement the multicast function at all. In the face of such a fault, what measures should we take to deal with it? There are three main reasons for the vswitch system being unable to broadcast normally: first, the IGMP Snooping function of the target vswitch system is not enabled properly, the second is that the multicast forwarding list created by the IGMP Snooping function is incorrect. In addition, the underlying multicast forwarding table is inconsistent with the multicast forwarding list created by the IGMP Snooping function.

When checking whether the IGMP Snooping function of the target switch system is enabled properly, we can switch the target switch system to the global view mode, enter the "display current-configuration" string command at the command line prompt in this status, and click the Enter key, from the result interface that appears later, we can determine whether the IGMP Snooping function is enabled normally. If the IGMP Snooping function is not enabled, we can continue to execute the string command "IGMP-Snooping enable" to start the IGMP Snooping function of the global system of the switch. Then, we enter the specified VLAN Interface view mode, run the "IGMP-Snooping enable" string command to enable the IGMP Snooping function of the corresponding VLAN.

When we confirm that the IGMP Snooping function is enabled properly, we also need to check whether the group-based forwarding list created by the corresponding function is correct. During this check, in the Global View Mode of the switch system, enter the string command "display igmp-snooping group" and click the Enter key. The system screen will return the result information shown in 3, if you find that the forwarding list is incorrect, you must ask a professional to recreate it. Finally, execute the string command "display mac-address vlan" in the Global View Mode of the switch system ", to check whether the multicast forwarding list created by the underlying layer is consistent with that created by the IGMP Snooping function. If they are found to be inconsistent, you also need to re-create them.